Skip to content

Pull requests: SigmaHQ/sigma

New pull request New
33 Open 4,311 Closed
33 Open 4,311 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

RightToLeft Obfuscation - PowerShell Rules Windows Pull request add/update windows related rules
#5072 opened Nov 6, 2024 by FilipPwn Loading…
1
This is a proposal for a PrivEsc detection rule Linux Pull request add/update linux related rules Rules
#5071 opened Nov 4, 2024 by mlakri Loading…
1
Add more imgaes to the rule (proc_creation_lnx_omigod_scx_runasprovider_executeshellcommand) Author Input Required changes the require information from original author of the rules Linux Pull request add/update linux related rules Rules Work In Progress Some changes are needed
#5069 opened Nov 2, 2024 by CheraghiMilad Draft
1
Create microsoft365_teams_guest_rmm_deployment.yml Rules Work In Progress Some changes are needed
#5066 opened Nov 1, 2024 by prashanthpulisetti Loading…
3
Add new rule Email Forwarding Rule - Exchange Rules
#5061 opened Oct 23, 2024 by dan21san Loading…
Converted Auditd rules Linux Pull request add/update linux related rules Rules
#5059 opened Oct 22, 2024 by defensivedepth Loading…
Update App Role Added based on Microsoft description Rules Work In Progress Some changes are needed
#5054 opened Oct 18, 2024 by gregorywychowaniec-zt Loading…
6
Create proc_creation_win_reg_add_AutoAdminLogon_key.yml Rules Windows Pull request add/update windows related rules
#5053 opened Oct 16, 2024 by Mahir-Ali-khan Loading…
detect vacuuming of journald as clearing syslog Linux Pull request add/update linux related rules Rules
#5050 opened Oct 14, 2024 by wieso-itzi Loading…
Update proc_creation_win_run_from_zip.yml Author Input Required changes the require information from original author of the rules Rules Work In Progress Some changes are needed
#5047 opened Oct 13, 2024 by CheraghiMilad Loading…
@nasbench
1
Add Suspicius Setup16 Parent Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#5046 opened Oct 13, 2024 by frack113 Loading…
@nasbench
Update win_security_register_new_logon_process_by_rubeus.yml Rules Windows Pull request add/update windows related rules
#5041 opened Oct 9, 2024 by Koifman Loading…
1
Exfiltration Over Alternative Protocol - Linux Author Input Required changes the require information from original author of the rules Linux Pull request add/update linux related rules Rules Work In Progress Some changes are needed
#5035 opened Oct 6, 2024 by CheraghiMilad Loading…
@nasbench
6
Update Suspicious Double Extension File Execution Rules Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#5030 opened Oct 1, 2024 by MalGamy12 Loading…
@nasbench
2
new_rules Rules
#5023 opened Sep 23, 2024 by saakovv Loading…
aws_new_rules Author Input Required changes the require information from original author of the rules Rules Work In Progress Some changes are needed
#5021 opened Sep 21, 2024 by saakovv Loading…
7
github-new-rules Rules Work In Progress Some changes are needed
#5018 opened Sep 20, 2024 by saakovv Loading…
@nasbench
5
Modify or Delete AWS RDS Cluster Rules
#5017 opened Sep 20, 2024 by saakovv Loading…
CreateFunctionUrlConfig Rules
#5016 opened Sep 20, 2024 by saakovv Loading…
3
DeleteSAMLProvider AWS Rules
#5015 opened Sep 20, 2024 by saakovv Loading…
1
sigma rules around using MSI for privilege escalation Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#5010 opened Sep 16, 2024 by sec-hbaer Loading…
@nasbench
2
Create proc_creation_win_code_devtunnel_tunneling.yaml 2nd Review Needed PR need a second approval Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#5004 opened Sep 9, 2024 by 0xAnalyst Loading…
14
Add Sigma rule for CVE-2024-38063 IPv6 memory corruption detection Author Input Required changes the require information from original author of the rules Emerging-Threats Rules Work In Progress Some changes are needed
#4988 opened Aug 28, 2024 by zenzue Draft
@nasbench
6
Add Rule: proc_creation_win_renamed_ssh.yml Author Input Required changes the require information from original author of the rules Rules Windows Pull request add/update windows related rules
#4971 opened Aug 15, 2024 by omaramin17 Draft
@nasbench
4
Winscp rule from Akira Ransomware report Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#4939 opened Jul 30, 2024 by frack113 Loading…
@nasbench
1
ProTip! Updated in the last three days: updated:>2024-11-03.